JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.3.45.189

45.3.45.189 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 40%: ?

40%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.3.45.189

Whois 45.3.45.189

IP Abuse Reports for 45.3.45.189:

This IP address has been reported a total of 21 times from 12 distinct sources. 45.3.45.189 was first reported on October 2nd 2024, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 4server	2026-06-28 12:08:15 (4 hours ago)	[SunJun2814:08:10.6705182026][security2:error][pid844853:tid844990][client45.3.45.189:0]ModSecurity: ... show more [SunJun2814:08:10.6705182026][security2:error][pid844853:tid844990][client45.3.45.189:0]ModSecurity:Accessdeniedwithcode403$phase1$.Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"edilmarra.ch\"][uri\"/xmlrpc.php\"][unique_id\"akEOqmcyCjtja9NhLSSfJQAAABY\"] show less	Hacking Web App Attack
🇲🇹 Malta	2026-06-28 01:24:01 (15 hours ago)	45.3.45.189 - - [28/Jun/2026:03:24:01 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubuntu ... show more 45.3.45.189 - - [28/Jun/2026:03:24:01 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇨🇴 ingentar	2026-06-25 10:32:42 (3 days ago)	2026-06-25T05:32:20.342504-05:00 web wordpress(ingentar.com)[2484712]: Blocked authentication attemp ... show more 2026-06-25T05:32:20.342504-05:00 web wordpress(ingentar.com)[2484712]: Blocked authentication attempt for admin from 45.3.45.189 ... show less	Web App Attack Brute-Force
🇬🇷 setupgr	2026-06-22 09:03:54 (6 days ago)	(mod_security) mod_security (id:900001) triggered by 45.3.45.189 (IT/Italy/Lazio/Rome/-/[AS200373 DR ... show more (mod_security) mod_security (id:900001) triggered by 45.3.45.189 (IT/Italy/Lazio/Rome/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Mon Jun 22 12:03:52.380651 2026] [security2:error] [pid 1934813:tid 1934949] [client 45.3.45.189:53957] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "75"] [id "900001"] [msg "Blocked WP Login attempt on domain: ions.gr"] [severity "CRITICAL"] [tag "security"] [hostname "ions.gr"] [uri "/wp-login.php"] [unique_id "ajj6ePVHAYoCTqtXWiUkIgAAAJM"], referer: https://ions.gr/wp-login.php show less	Port Scan
Anonymous	2026-06-20 02:16:15 (1 week ago)	[da.kdns.gr] httpd-login-spray-site: sites=vougioukas-texniki.gr; logs=/var/log/httpd/domains/vougio ... show more [da.kdns.gr] httpd-login-spray-site: sites=vougioukas-texniki.gr; logs=/var/log/httpd/domains/vougioukas-texniki.gr.log; samples=site_wide=true \| distinct_ips=20 \| /wp-login.php show less	Hacking Web App Attack
🇳🇿 billyborsht	2026-06-19 21:18:49 (1 week ago)	2026-06-20T09:18:48.313832+12:00 southern wordpress(leanpolicy.org)[1103478]: Authentication attempt ... show more 2026-06-20T09:18:48.313832+12:00 southern wordpress(leanpolicy.org)[1103478]: Authentication attempt for unknown user [email protected] from 45.3.45.189 ... show less	Hacking Web App Attack
🇨🇭 backslash	2026-05-23 05:00:24 (1 month ago)		Bad Web Bot
Anonymous	2026-01-05 20:27:13 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-09 04:45:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.45.189 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.45.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 23:45:07.609974 2025] [security2:error] [pid 28341:tid 28341] [client 45.3.45.189:57725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nextstepspersonalfinance.com"] [uri "/.env"] [unique_id "aTepU5za2H018mqfukkblgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 02:48:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.45.189 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.45.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 21:48:09.875339 2025] [security2:error] [pid 21850:tid 21850] [client 45.3.45.189:21711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "digitalprintedglass.com"] [uri "/.svn/wc.db"] [unique_id "aTeN6fLQIFOiMWkc1t_X7wAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 22:14:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.45.189 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.45.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 17:14:40.561235 2025] [security2:error] [pid 18067:tid 18067] [client 45.3.45.189:44541] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "calypsodirect.com"] [uri "/.env"] [unique_id "aTX8UClwuYpCB3iOmEGNzgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 12:05:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.45.189 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.45.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:05:01.562030 2025] [security2:error] [pid 22093:tid 22093] [client 45.3.45.189:12643] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "26c.org"] [uri "/.svn/wc.db"] [unique_id "aTVtbdi49uqog04mUAUuyAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 18:29:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.45.189 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.45.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 13:29:03.259346 2025] [security2:error] [pid 9644:tid 9644] [client 45.3.45.189:16729] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vccemail.net"] [uri "/.git/HEAD"] [unique_id "aTR173RteE0gnd0Fm5fSMQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 19:59:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.45.189 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.45.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 14:59:18.728680 2025] [security2:error] [pid 24228:tid 24228] [client 45.3.45.189:14131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lemay.design"] [uri "/.env"] [unique_id "aTM5ls8iFlg478ZTMTDZJQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 13:41:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.3.45.189 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.3.45.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 08:41:25.450666 2025] [security2:error] [pid 1411:tid 1411] [client 45.3.45.189:20769] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arsenalfordemocracy.com"] [uri "/.svn/wc.db"] [unique_id "aTLhBbwT0V_AUb8arBqKbwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 167.94.145.16

🇧🇷 131.161.249.165

🇩🇪 64.89.163.166

🇩🇪 45.86.202.73

🇬🇧 195.96.139.101

🇬🇧 185.247.137.96

🇹🇷 94.154.43.36

🇳🇱 91.92.40.8

🇺🇸 20.169.107.49

🇨🇳 221.229.218.50

🇺🇸 161.35.230.126

🇻🇳 103.199.68.240

🇺🇸 54.87.112.89

🇺🇸 45.33.40.18

🇨🇳 42.123.123.238

🇯🇵 203.25.124.114

🇵🇰 103.18.15.11

🇺🇸 66.132.172.194

🇹🇭 49.231.192.36

🇨🇦 209.54.124.33